Debian Ffmpeg vulnerabilities

CVE-2014-125019 [MEDIUM] CVE-2014-125019: ffmpeg - A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. T... A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky:

CVE-2014-125005 [MEDIUM] CVE-2014-125005: ffmpeg - A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. T... A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved fork

CVE-2014-125017 [HIGH] CVE-2014-125017: ffmpeg - A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerabili... A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: r

CVE-2014-9676 [MEDIUM] CVE-2014-9676: ffmpeg - The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earli... The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free. Scope: local bookworm: resolved bullseye: resolved forky: resolved si

CVE-2014-125021 [MEDIUM] CVE-2014-125021: ffmpeg - A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issu... A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2014-125023 [MEDIUM] CVE-2014-125023: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Af... A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye

CVE-2014-125008 [MEDIUM] CVE-2014-125008: ffmpeg - A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected... A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved

CVE-2014-125024 [HIGH] CVE-2014-125024: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected... A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2014-125015 [HIGH] CVE-2014-125015: ffmpeg - A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is... A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2014-2099 [MEDIUM] CVE-2014-2099: ffmpeg - The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 doe... The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved tri

CVE-2014-125012 [MEDIUM] CVE-2014-125012: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. ... A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid

CVE-2014-125004 [MEDIUM] CVE-2014-125004: ffmpeg - A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This... A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved

CVE-2014-2097 [MEDIUM] CVE-2014-2097: ffmpeg - The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does... The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data. Scope: local bookworm: resolved bullseye: r

CVE-2014-125020 [HIGH] CVE-2014-125020: ffmpeg - A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vu... A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie

CVE-2014-125011 [MEDIUM] CVE-2014-125011: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Af... A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved fork

CVE-2014-125014 [MEDIUM] CVE-2014-125014: ffmpeg - A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by t... A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved

CVE-2014-125002 [MEDIUM] CVE-2014-125002: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. ... A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved

CVE-2014-125013 [MEDIUM] CVE-2014-125013: ffmpeg - A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issu... A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: re

CVE-2014-125010 [MEDIUM] CVE-2014-125010: ffmpeg - A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected... A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved s

CVE-2014-125006 [MEDIUM] CVE-2014-125006: ffmpeg - A vulnerability, which was classified as problematic, has been found in FFmpeg 2... A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. Scope: local bookworm: resolved bullseye: resolved forky: reso